I have installed Nextcloud on a Banana Pi and on a Raspberry Pi3 successfully with Dietpi. Nevertheless I got a secuirty warning on Admin - Settings page:HTTP "Strict-Transport-Security" has not been configure with a value at least equal to "15552000" seconds.

If a web site accepts a connection through HTTP and redirects to HTTPS, the user in this case may initially talk to the non-encrypted version of the site before being redirected, if, for example, the user types http://www.foo.com/ or even just foo.com.

This opens up the potential for a man-in-the-middle attack, where the redirect could be exploited to direct a user to a malicious site instead of the secure version of the original page.

The HTTP Strict Transport Security (HSTS) feature lets a web site inform the browser that it should never load the site using HTTP, and should automatically convert all attempts to access the site using HTTP to HTTPS requests instead.

Mainly because I got my Orange Pi PC setup as a home NextCloud server in it's own 3d printed case and a 1TB harddrive that I madeI want to open it up to the web so my family can sync their photos to the drive while out and about rather than just in the local network, and I want it to be secure.